Safely embed flash from almost any site

In the file: yoursite.com/inc/utils.inc.php

 

Find the code:

// HTML Purifier plugin
global $oHtmlPurifier;
require_once( BX_DIRECTORY_PATH_PLUGINS . 'htmlpurifier/HTMLPurifier.standalone.php' );
if (!isset($oHtmlPurifier)) {

HTMLPurifier_Bootstrap::registerAutoload();

$oConfig = HTMLPurifier_Config::createDefault();
$oConfig->set('Filter.YouTube', true);
$oConfig->set('HTML.DefinitionID', '1');

$oConfig->set('HTML.SafeObject', 'true');
$oConfig->set('Output.FlashCompat', 'true');

 

Add the two lines in red on new lines.  This will allow your members to safely embed videos from just about any site.  Some sites that require script execution to be allowed for the video to embed, wont work.  This is a good thing... usually only sleazy porn sites require this, and not for good reasons.  You will find that embedded video players will be missing the 'Full Screen' button.  This is because the version of HTMLPurifier used in Dolphin 7.0.4 strips the allowFullScreen parameter, and it cannot be changed  The latest version of HTMLPurifier, 4.2.0 adds a new configuration directive 'HTML.FlashAllowFullScreen', which can be set to true to allow full screen.  I've entered a ticket requesting that HTMLPurifier be updated to version 4.2.0 in Dolphin 7.0.5.  Hopefully, it will get done.  Until then, your members will just have to live without the full screen option.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 29 Nov 2010

http://www.boonex.com/trac/dolphin/ticket/2301

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 29 Nov 2010

When you say " This will allow your members to safely embed videos from just about any site.", where do you mean? On the videos page where you can embed, blogs, forums, etc.?? Just curious..

Nothing to see here
Quote · 29 Nov 2010

As you can see, this affects HTMLPurifier, which has nothing to do with video uploads.   Therefore.... this affects any place you can post html code with TinyMCE.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 29 Nov 2010

It looks to me like you can just upload version 4.2.0 of HTMLPurifier, and replace Version 4.1.1, without doing anything else.  It seems to be working for me here with a hulu.com video.

I added a third line to the above cited code so that it now looks like this:

 

global $oHtmlPurifier;
require_once( BX_DIRECTORY_PATH_PLUGINS . 'htmlpurifier/HTMLPurifier.standalone.php' );
if (!isset($oHtmlPurifier)) {

HTMLPurifier_Bootstrap::registerAutoload();

$oConfig = HTMLPurifier_Config::createDefault();
$oConfig->set('Filter.YouTube', true);
$oConfig->set('HTML.DefinitionID', '1');

$oConfig->set('HTML.SafeObject', 'true');
$oConfig->set('Output.FlashCompat', 'true');

$oConfig->set('HTML.FlashAllowFullScreen', 'true');

The embedded video now has the FullScreen option

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 30 Nov 2010

AlexT has confirmed that HTMLPurifier is used without making any changes to it.  If you don't want to wait for the new version to be included in Dolphin 7.0.5, you can download version 4..2.0 HERE.  Then just upload the new files to /plugins/htmlpurifier.  Then set the HTML.FlashAllowFullScreen to true as instructed in the above post.

 

Once you make these changes, your members will be able to embed flash from just about any site, with the Full Screen option enabled in the player.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 1 Dec 2010

Earlier, you made a change to the vimeo.php file to enable full screen vimeo. Does this upgrade supercede that or should we use both?

http://towtalk.net ... Hosted by Zarconia.net!
Quote · 1 Dec 2010

UFO... Kindly delete your above post before you piss me off.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 1 Dec 2010

 

Earlier, you made a change to the vimeo.php file to enable full screen vimeo. Does this upgrade supercede that or should we use both?

Use both.  The Vimeo.php filter does a better job and works independently of SafeObject and the other directives.  The changes here just allow your members to safely embed flash from just about anywhere.  Without these changes, all your members will be able to embed are YouTube and Vimeo videos.  Some sites won't embed, but you wouldn't want those anyway.

My opinions expressed on this site, in no way represent those of Boonex or Boonex employees.
Quote · 1 Dec 2010

Thanks.... BTW, if you really want to show off that skin of yours with a vimeo video, check this one out.

 

uht oh, guess embedding is disabled here, lol

http://vimeo.com/12613824

 

http://towtalk.net ... Hosted by Zarconia.net!
Quote · 1 Dec 2010

UFO360, if you are having problems with a member of this site, I recommend you open a dispute by creating a new topic in the disputes forum. Do not carry over your dirty laundry to the other topics.

BoonEx Certified Host: Zarconia.net - Fully Supported Shared and Dedicated for Dolphin
Quote · 1 Dec 2010

Does this still work in dolphin 7.0.7 because the code in utils.inc.php in dolphin 7.0.7 is diferent to your code you posted.

here is the code from 7.0.7

 

    // HTML Purifier plugin   
    global $oHtmlPurifier;
    require_once( BX_DIRECTORY_PATH_PLUGINS . 'htmlpurifier/HTMLPurifier.standalone.php' );
    if (!isset($oHtmlPurifier)) {

        HTMLPurifier_Bootstrap::registerAutoload();
       
        $oConfig = HTMLPurifier_Config::createDefault();       

        $oConfig->set('HTML.SafeObject', 'true');
        $oConfig->set('Output.FlashCompat', 'true');
        $oConfig->set('HTML.FlashAllowFullScreen', 'true');

        $oConfig->set('Filter.Custom', array (new HTMLPurifier_Filter_LocalMovie()));

  $oConfig->set('HTML.DefinitionID', '1');
  $oDef = $oConfig->getHTMLDefinition(true);
  $oDef->addAttribute('a', 'target', 'Enum#_blank,_self,_target,_top');
       
        $oHtmlPurifier = new HTMLPurifier($oConfig);
    }

Quote · 28 Aug 2011

Hello! Prompt, knowledgeable people, how to make the TinyMCE not cut out this code player:

<object width="450" height="200" id="player"><param name="movie" value="/jwplayer/player.swf"></param><param name="allowscriptaccess" value="always"/><param name="wmode" value="transparent" /><param name="FlashVars" value="st=c:2iob3gRLvay8Gx9Hkf9V0dFBkfTBUaJMva7c3dWh6xwNvay8Gx9HkfnBGihb&amp;pl=c:6N9V0dFm0d41GCnexc8Hk548kSnen5hbGiAevNJj0iwHU5wN3dWh05wbv5yL0SJ50dF12CJM0aoz0dw1vazVtNJ52xW43NsWOQZ1v5zVtNn8n5yL0xz40ITHOH9QQzwOoCn8nIuL3co43Hnen5hbGiAevNJj0iwHU5wN3dWh05wbv5yL0SJ50dF12CJM0aoz0dw1vazVtNJ52xW43NsWOQZ1v57VkN9Jffbr" /><embed src="/jwplayer/player.swf" type="application/x-shockwave-flash" allowscriptaccess="always" width="450" height="200" flashvars="st=c:2iob3gRLvay8Gx9Hkf9V0dFBkfTBUaJMva7c3dWh6xwNvay8Gx9HkfnBGihb&amp;pl=c:6N9V0dFm0d41GCnexc8Hk548kSnen5hbGiAevNJj0iwHU5wN3dWh05wbv5yL0SJ50dF12CJM0aoz0dw1vazVtNJ52xW43NsWOQZ1v5zVtNn8n5yL0xz40ITHOH9QQzwOoCn8nIuL3co43Hnen5hbGiAevNJj0iwHU5wN3dWh05wbv5yL0SJ50dF12CJM0aoz0dw1vazVtNJ52xW43NsWOQZ1v57VkN9Jffbr"/></object>

Quote · 29 Jan 2013

The mentioned code is already in the latest version of dolphin 7.1 but I can't embed any other video besides youtube.  Is there something I'm missing?

Quote · 5 Feb 2013

 Hey Houstonlively,

Can you please help me with "unstripping" the "style" tag in ver 7.1.2?

It doesn't seem to contain the safehtml file with the list of blocked tags anymore... or does it? I couldn't find it.

 

Thank you!!!

In the file: yoursite.com/inc/utils.inc.php

 

Find the code:

// HTML Purifier plugin
global $oHtmlPurifier;
require_once( BX_DIRECTORY_PATH_PLUGINS . 'htmlpurifier/HTMLPurifier.standalone.php' );
if (!isset($oHtmlPurifier)) {

HTMLPurifier_Bootstrap::registerAutoload();

$oConfig = HTMLPurifier_Config::createDefault();
$oConfig->set('Filter.YouTube', true);
$oConfig->set('HTML.DefinitionID', '1');

$oConfig->set('HTML.SafeObject', 'true');
$oConfig->set('Output.FlashCompat', 'true');

 

Add the two lines in red on new lines.  This will allow your members to safely embed videos from just about any site.  Some sites that require script execution to be allowed for the video to embed, wont work.  This is a good thing... usually only sleazy porn sites require this, and not for good reasons.  You will find that embedded video players will be missing the 'Full Screen' button.  This is because the version of HTMLPurifier used in Dolphin 7.0.4 strips the allowFullScreen parameter, and it cannot be changed  The latest version of HTMLPurifier, 4.2.0 adds a new configuration directive 'HTML.FlashAllowFullScreen', which can be set to true to allow full screen.  I've entered a ticket requesting that HTMLPurifier be updated to version 4.2.0 in Dolphin 7.0.5.  Hopefully, it will get done.  Until then, your members will just have to live without the full screen option.

 

Quote · 11 Jun 2013

I posted something similar about it stripping out the iframe code and I fixed it.  No time now but I will see if I recall; there were changes made in this I believe.

Geeks, making the world a better place
Quote · 11 Jun 2013

This solution can help with add for example soundcloud, zippyshare embed codes to the music module? Just as it`s in the videos module - you can add a youtube link to the video.


Quote · 16 Jun 2013
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.